<?php
/**
 * @author yuanyitian
 * @date 2023/8/14 14:01
 */
require_once $_SERVER["DOCUMENT_ROOT"]."/global/data.php";
require_once $_SERVER["DOCUMENT_ROOT"]."/global/function.php";
class AesUtil
{
    private $aesKey;

    const KEY_LENGTH_BYTE = 32;
    const AUTH_TAG_LENGTH_BYTE = 16;

    public function __construct($aesKey)
    {
        if (strlen($aesKey) != self::KEY_LENGTH_BYTE) {
            throw new InvalidArgumentException('无效的ApiV3Key，长度应为32个字节');
        }
        $this->aesKey = $aesKey;
    }

    public function decryptToString($associatedData, $nonceStr, $ciphertext)
    {
        $ciphertext = base64_decode($ciphertext);
        if (strlen($ciphertext) <= self::AUTH_TAG_LENGTH_BYTE) {
            return false;
        }

        if (function_exists('\sodium_crypto_aead_aes256gcm_is_available') && \sodium_crypto_aead_aes256gcm_is_available()) {
            return \sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $associatedData, $nonceStr, $this->aesKey);
        }

        if (function_exists('\Sodium\crypto_aead_aes256gcm_is_available') && \Sodium\crypto_aead_aes256gcm_is_available()) {
            return \Sodium\crypto_aead_aes256gcm_decrypt($ciphertext, $associatedData, $nonceStr, $this->aesKey);
        }

        if (PHP_VERSION_ID >= 70100 && in_array('aes-256-gcm', openssl_get_cipher_methods())) {
            $ctext = substr($ciphertext, 0, -self::AUTH_TAG_LENGTH_BYTE);
            $authTag = substr($ciphertext, -self::AUTH_TAG_LENGTH_BYTE);

            return openssl_decrypt($ctext, 'aes-256-gcm', $this->aesKey, OPENSSL_RAW_DATA, $nonceStr, $authTag, $associatedData);
        }

        throw new \RuntimeException('AEAD_AES_256_GCM需要PHP 7.1以上或者安装libsodium-php');
    }
}

$time=time();
$con=con();
$data = json_decode(file_get_contents("php://input"), true);
$data =json_decode( (new AesUtil($GLOBALS["wechat_pay_key"]))->decryptToString($data["resource"]["associated_data"], $data["resource"]["nonce"], $data["resource"]["ciphertext"]),true);
$data0=json_encode($data);
mysqli_query($con,"insert into refund_log(create_time,remark) values($time,'$data0')");
$id=mysqli_query($con,"select last_insert_id() as id");
$id=mysqli_fetch_assoc($id);
$id=(int)$id["id"];

$mchid=$data["mchid"];
$out_trade_no=$data["out_trade_no"];
$transaction_id=$data["transaction_id"];
$out_refund_no=$data["out_refund_no"];
$refund_id=$data["refund_id"];
$refund_status=$data["refund_status"];
$success_time=$data["success_time"];
$user_received_account=$data["user_received_account"];
$total=$data["amount"]["total"];
$refund=$data["amount"]["refund"];
$payer_total=$data["amount"]["payer_total"];
$payer_refund=$data["amount"]["payer_refund"];

mysqli_query($con,"update `order` set status=-2 where order_no='$out_trade_no' and status=-4");
mysqli_query($con,"update  refund_log set mchid='$mchid',out_trade_no='$out_trade_no',transaction_id='$transaction_id',out_refund_no='$out_refund_no',refund_id='$refund_id',refund_status='$refund_status',success_time='$success_time',user_received_account='$user_received_account',total='$total',refund='$refund',payer_total='$payer_total',payer_refund='$payer_refund' where id=$id");
mysqli_close($con);
